CVE-2022-45124
published 2023-03-20CVE-2022-45124: An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network…
PriorityP353high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
14.50%
96.2th percentile
An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wellintech | kinghistorian | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
WellinTech KingHistorian
cisa_ics·2023-07-18·CVSS 8.1
[HIGH] WellinTech KingHistorian
ICS Advisory
##
WellinTech KingHistorian
Release DateJuly 18, 2023
Alert CodeICSA-23-199-07
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.1
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: WellinTech
- Equipment: KingHistorian
- Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Signed to Unsigned Conversion Error
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information or send malicious data which can lead to a buffer overflow.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of WellinTech KingHistorian, a time-series database, are affected:
-
KingHistorian: version 35.01.00.05
## 3.2 VULNERABIL
GHSA
GHSA-xm38-cjvm-pwwc: An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35
ghsa_unreviewed·2023-03-20
CVE-2022-45124 [HIGH] CWE-200 GHSA-xm38-cjvm-pwwc: An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35
An information disclosure vulnerability exists in the User authentication functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can sniff network traffic to leverage this vulnerability.
No detection rules found.
No public exploits indexed.
Checkpoint
27th March – Threat Intelligence Report
blogs_checkpoint·2023-03-27·CVSS 7.2
CVE-2023-0669 [HIGH] 27th March – Threat Intelligence Report
Latest Publications
CPR Podcast Channel
AI Research
Web 3.0 Security
Intelligence Reports
ThreatCloud AI
Threat Intelligence & Research
Zero Day Protection
Sandblast File Analysis
About Us
SUBSCRIBE
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
## 27th March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 27th March, please download our Threat_Intelligence Bulletin
TOP ATTACKS AND BREACHES
New victims of Clop ransomware gang that leveraged for the attack purpose a zero-day security flaw (CVE-2023-0669) in the Fortra GoAnywhere Managed File Transfer system were disclosed. Among those are the American luxury brand retailer Saks Fifth Avenue , and City of Toronto .
Check Point IPS, Threat Emulation and Harmony Endp
Talos
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
blogs_talos·2023-03-21·CVSS 8.1
CVE-2022-45124 [HIGH] Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
Cisco Talos recently discovered two vulnerabilities in WellinTech’s KingHistorian industrial control systems data manager.
KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS, including built-in statistical analysis.
Talos discovered an information disclosure vulnerability (TALOS-2022-1683/CVE-2022-45124) in the software’s user authentication function. If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and password for the software.
Another vulnerability, TALOS-2022-1674 (CVE-2022-43663) exists in a DLL in the software that could allow an adversary to cause a buffer overflow by sending a malicious packet to the targeted machine.
Cisco Talos worke
Talos
Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
blogs_talos·2023-03-21·CVSS 8.1
CVE-2022-45124 [HIGH] Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
## Vulnerability Spotlight: WellinTech ICS platform vulnerable to information disclosure, buffer overflow vulnerabilities
Cisco Talos recently discovered two vulnerabilities in WellinTech’s KingHistorian industrial control systems data manager.
KingHistorian is a time-series database that allows users to ingest and process large amounts of data from ICS, including built-in statistical analysis.
Talos discovered an information disclosure vulnerability ( TALOS-2022-1683 /CVE-2022-45124) in the software’s user authentication function. If an adversary could capture an authentication packet, it contains all the necessary information to steal the target user’s username and password for the software.
Another vulnerability, TALOS-2022-1674 (CVE-2022-43663) exists in a DLL in the software that
2023-03-20
Published